
Insights from the RSA 2023 Cybersecurity Conference

Francesco Radicati
May 05, 2023


Hosted in San Francisco, California, the annual RSA Conference is one of the premier information security events globally. This year’s event, held from April 24-27, gave me the opportunity to speak with industry stakeholders throughout the space on the forces shaping the market today and into the future. My focus is on the Internet of Things (IoT) and software solutions for the energy and utilities sector—an area where ensuring the security of grid devices and cloud environments is becoming increasingly critical. While cybersecurity is still overlooked by some in this sector, perceptive organizations are tackling these issues head-on.

Among a plethora of intriguing topics and technologies, the following macrotrends were the “buzz of the show” at RSA 2023.

IoT and OT Play Catch-Up with IT Cybersecurity

The proliferation of IoT devices throughout most major industries, including critical infrastructure like electricity networks and natural gas pipelines, means the surface area for attacks is growing exponentially. Dragos, an exhibitor at this year’s conference, cited an 87% increase in ransomware attacks against industrial organizations between 2021 and 2022. And while education and awareness of cyber threats are improving, many operational technology (OT) departments aren’t well equipped to identify and assess the severity of vulnerabilities, leading to a slower response when attacks do occur. That’s why companies like Dragos, Nozomi Networks, and others are specifically targeting critical infrastructure and industrial environments in an attempt to fill these unresolved capability gaps.

Zero Trust Architectures Become Mainstream

While zero trust architectures aren’t new, several exhibitors highlighted this principle as a key topic of discussion. Zero trust, also known as perimeterless security, dictates that devices shouldn’t be trusted by default, even if connected to a recognized network or if previously verified. In other words, rather than relying only on a firewall, which would allow attackers free access once they’ve breached the perimeter, zero trust architectures mitigate attacks even if they do penetrate the network.

Addressing the Human Element

Another common talking point was the inherent and increasing risk from in-house staff. The ubiquity of wireless connectivity and personal devices (e.g., smartphones, tablets) in industrial sites complicates traditional network monitoring by opening up new potential attack paths. As I heard in multiple briefings and expo floor discussions, every person in an organization is a potential risk, and so are all their devices. To address this risk, several companies demonstrated their deep packet inspection functionalities, meaning all data entering a network (e.g., connected devices and the IP domains to which they send data) is assessed and then rated by reputation.

AI Continues to Top the Buzzword Charts

Unsurprisingly, AI—and more specifically, generative AI—made its way into seemingly every discussion and conference session. While topics like copyright infringement and deepfakes are beyond the scope of this blog post (we’d be here all day), one point relating to generative AI is worth noting: given AI models’ policies around retaining queries, programmers feeding code into generative models like ChatGPT run the risk of exposing proprietary code to the world. More to the point, ChatGPT says it doesn’t ensure secure coding—thus using it for this purpose effectively invites attackers into your enterprise network. Organizations would be wise to carefully examine the potential liabilities and implications of AI-enabled tools before jumping on the bandwagon.

These macrotrends are helping shape the future of industrial cybersecurity in overlapping yet different ways. Growing recognition of the gaps in IoT and OT security, the vulnerabilities of internal personnel, and the double-edged sword of AI is galvanizing organizations to better secure their industrial environments. The most important takeaway for companies today is to continuously collaborate and cross-pollinate between IT and OT departments to ensure no stone is left unturned.